[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 18 Aug 2009 16:54:43 -0400 (EDT)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request - kernel: information leak in
sigaltstack
On Tue, 4 Aug 2009, Eugene Teo wrote:
> do_sigaltstack: avoid copying 'stack_t' as a structure to user space
======================================================
Name: CVE-2009-2847
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2847
Reference: MILW0RM:9352
Reference: URL:http://www.milw0rm.com/exploits/9352
Reference: MLIST:[oss-security] 20090804 CVE request - kernel: information leak in sigaltstack
Reference: URL:http://www.openwall.com/lists/oss-security/2009/08/04/1
Reference: MLIST:[oss-security] 20090805 Re: CVE request - kernel: information leak in sigaltstack
Reference: URL:http://www.openwall.com/lists/oss-security/2009/08/05/1
Reference: CONFIRM:http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=0083fc2c50e6c5127c2802ad323adf8143ab7856
Reference: CONFIRM:https://bugzilla.redhat.com/show_bug.cgi?id=515392
The do_sigaltstack function in kernel/signal.c in Linux kernel 2.6
before 2.6.31-rc5, when running on 64-bit systems, does not clear
certain padding bytes from a structure, which allows local users to
obtain sensitive information from the kernel stack via the sigaltstack
function.
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
